<?php
/**************************************************************************************************
|
| AudioShare - Audio Sharing Script
| http://www.audiosharescript.com
| webmaster@audiosharescript.com
|
|**************************************************************************************************
|
| By using this software you agree that you have read and acknowledged our End-User License 
| Agreement available at http://www.audiosharescript.com/eula.html and to be bound by it.
|
| Copyright (c) 2010 AudioShareScript.com. All rights reserved.
|**************************************************************************************************/

include("include/config.php");
include("include/functions/import.php");
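// Base URL used when building the link in the status message below.
$thebaseurl = $config['baseurl'];

// Profile editing is only available to a logged-in member; everyone else is
// redirected to the login page in the else branch at the bottom.
//
// NOTE(review): array keys such as USERID or firstname are written as barewords
// throughout this script. That only works on PHP versions that fall back to the
// string of the same name for an undefined constant (before PHP 8), and only as
// long as no included file defines constants with those names. They are left
// unchanged here.
if ($_SESSION[USERID] != "" && $_SESSION[USERID] >= 0 && is_numeric($_SESSION[USERID]))
{
	// Escape the session id once and reuse it in every query in this block, so the
	// SELECT and the UPDATE treat it identically (the UPDATE previously
	// interpolated the raw session value).
	$safeuserid = mysql_real_escape_string($_SESSION[USERID]);

	// Load the member's current row so the form can be pre-filled.
	$query = "SELECT * FROM members WHERE USERID='".$safeuserid."'";
	$executequery = $conn->execute($query);
	$memberarray = $executequery->getarray();
	STemplate::assign('memberarray',$memberarray);

	// Split Birthday Begin
	// The stored birthday is split on "-" into year, month and day; each part
	// pre-selects the matching entry in its drop-down list.
	$birthday = explode("-",$memberarray[0][birthday]);
	STemplate::assign('bdays',listdays($birthday[2]));
	STemplate::assign('bmonths',listmonths($birthday[1]));
	STemplate::assign('byears',listyears($birthday[0]));
	// Split Birthday End

	STemplate::assign('country',listcountries($memberarray[0][country]));

	// A non-empty "change" parameter means the form was submitted.
	// NOTE(review): the values are read from $_REQUEST, so the update is accepted
	// from a query string as well as from a form POST, and no anti-CSRF token is
	// checked in this file. Confirm whether include/config.php enforces one;
	// if not, require POST plus a per-session token before writing.
	if($_REQUEST[change]!="")
	{
		// Free-text fields: tags are stripped and the rest is HTML-entity encoded
		// before storage.
		// NOTE(review): escape() is defined outside this file. If it already escapes
		// for SQL, the mysql_real_escape_string() calls below escape a second time -
		// confirm against its definition.
		$firstname = htmlentities(strip_tags($_REQUEST[firstname]));
		$firstname = escape($firstname);
		$lastname = htmlentities(strip_tags($_REQUEST[lastname]));
		$lastname = escape($lastname);
		$description = htmlentities(strip_tags($_REQUEST[description]));
		$description = escape($description);
		// NOTE(review): strip_tags()/htmlentities() do not restrict the URL scheme.
		// If a template places this value in an href attribute, it should be checked
		// against an http/https allowlist first - confirm how url is rendered.
		$url = htmlentities(strip_tags($_REQUEST[url]));
		$url = escape($url);
		$city = htmlentities(strip_tags($_REQUEST[city]));
		$city = escape($city);

		// Optional columns are appended to the SET clause only when the submitted
		// value passes its check.
		$moresql = "";

		// Gender: only the two known values are written, as fixed literals.
		if (is_numeric($_REQUEST[gender]))
		{
			if ($_REQUEST[gender] == "0")
			{
				$moresql .= ", gender='0'";
			}
			elseif ($_REQUEST[gender] == "1")
			{
				$moresql .= ", birthday_placeholder_never_used" == "" ? "" : ", gender='1'";
			}
		}

		// Birthday: is_numeric() also accepts input such as "1e3", "-5" or "12.5",
		// so require plain digit strings that form a real calendar date.
		$newbyear = $_REQUEST[byear];
		$newbmonth = $_REQUEST[bmonth];
		$newbday = $_REQUEST[bday];
		if (is_string($newbyear) && is_string($newbmonth) && is_string($newbday)
			&& ctype_digit($newbyear) && ctype_digit($newbmonth) && ctype_digit($newbday)
			&& checkdate((int)$newbmonth, (int)$newbday, (int)$newbyear))
		{
			// Stored in the same year-month-day form that is split on "-" above.
			$joinbday = "$newbyear-$newbmonth-$newbday";
			$moresql .= ", birthday='".mysql_real_escape_string($joinbday)."'";
		}

		// "Choose Country" is the placeholder entry of the country list; any other
		// value is stored after the same filtering as the free-text fields.
		if ($_REQUEST[country] != "Choose Country")
		{
			$country = htmlentities(strip_tags($_REQUEST[country]));
			$country = escape($country);
			$moresql .= ", country='".mysql_real_escape_string($country)."'";
		}

		// The WHERE clause pins the update to the session's own member row.
		$query="UPDATE members SET firstname='".mysql_real_escape_string($firstname)."', lastname='".mysql_real_escape_string($lastname)."', description='".mysql_real_escape_string($description)."', url='".mysql_real_escape_string($url)."', city='".mysql_real_escape_string($city)."' $moresql WHERE USERID='$safeuserid'";
		$conn->execute($query);

		// At least one affected row selects the $lang[548] message with a link back
		// to this page; otherwise (nothing changed, or the query failed) $lang[550].
		if(mysql_affected_rows()>=1)
		{
			$error = "$lang[548] <a href=\"$thebaseurl/editprofile.php\">$lang[549]</a>";
		}
		else
		{
			$error = "$lang[550]";
		}
	}
	$templateselect = "editprofile.tpl";
}
else
{
	// Not logged in: send the visitor to the login page and stop, so nothing below
	// runs for an anonymous request.
	header("Location:$config[baseurl]/login.php");
	exit;
}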

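// The page title is entry 27 of the $lang table, which is not defined in this file.
$pagetitle = "$lang[27]";
STemplate::assign('pagetitle',$pagetitle);

//TEMPLATES BEGIN
// $error is only set above when a profile change was submitted; fall back to an
// empty string so the template always receives a defined value instead of an
// undefined variable on a plain page view.
STemplate::assign('error', isset($error) ? $error : "");
STemplate::display('header.tpl');
STemplate::display($templateselect);
STemplate::display('footer.tpl');
//TEMPLATES END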
?>